Method for managing security for card-type storage medium and a transaction apparatus therefor

US 6,012,143 A
Filed: 10/30/1996
Issued: 01/04/2000
Est. Priority Date: 08/01/1994
Status: Expired due to Term

First Claim

Patent Images

1. A method for managing security of a card-type storage medium having a storage unit keeping a data file therein comprising the steps of:

generating an unique identifier in said card-type storage medium for each transaction after a transaction has been started between said card-type storage medium and a transaction apparatus accessing said card-type storage medium to execute the transaction therewith by making a security check and after the data file that is an object of an access of said transaction apparatus has been determined;

notifying said transaction apparatus of said unique identifier generated for the transaction; and

comparing an unique identifier given to the access command from said transaction apparatus with said unique identifier generated for said transaction in said card-type storage medium, and performing a process according to the access command from said transaction apparatus if said unique identifiers are in agreement.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a card-type storage medium and transaction apparatus, when a transaction is started between the card-type storage medium and the transaction apparatus and a data file that is an object of an access from the transaction apparatus is determined, a unique identifier generating device of the card-type storage medium generates a unique identifier for this transaction. A unique identifier notifying device notifies the unique identifier to the transaction apparatus. Accordingly, it is possible to specify the transaction apparatus having access to the card-type storage medium by referring to that unique identifier.

Citations

34 Claims

1. A method for managing security of a card-type storage medium having a storage unit keeping a data file therein comprising the steps of:
- generating an unique identifier in said card-type storage medium for each transaction after a transaction has been started between said card-type storage medium and a transaction apparatus accessing said card-type storage medium to execute the transaction therewith by making a security check and after the data file that is an object of an access of said transaction apparatus has been determined;
  
  notifying said transaction apparatus of said unique identifier generated for the transaction; and
  
  comparing an unique identifier given to the access command from said transaction apparatus with said unique identifier generated for said transaction in said card-type storage medium, and performing a process according to the access command from said transaction apparatus if said unique identifiers are in agreement.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method for managing security of a card-type storage medium according to claim 1, wherein the unique identifier generated for said transaction is enciphered with a first encipherment key in said card-type storage medium, a ciphertext of said unique identifier is notified to said transaction apparatus, and the ciphertext unique identifier from said card-type storage medium is deciphered with said first encipherment key in said transaction apparatus.
  - 3. A method for managing security of a card-type storage medium according to claim 2, wherein a plaintext of the unique identifier before the encipherment key is notified along with the ciphertext unique identifier obtained by encipherment with said first encipherment to said transaction apparatus from said card-type storage medium, the ciphertext unique identifier from said card-type storage medium is deciphered with said first encipherment key in said transaction apparatus, a deciphered text of the unique identifier obtained by decipherment is compared with the plaintext unique identifier from said card-type storage medium, and an access process an said card-type storage medium is proceeded if these unique identifiers are in agreement.
  - 4. A method for managing security of a card-type storage medium according to claim 3, wherein the unique identifier from said card-type storage medium is enciphered with a second encipherment key, the ciphertext unique identifier is then given to the access command from said transaction apparatus to said card-type storage medium, the ciphertext unique identifier given to the access command from said transaction apparatus is deciphered with said second encipherment key, and a deciphered text unique identifier is compared with the unique identifier generated for said transaction.
  - 5. A method for managing security of a card-type storage medium according to claim 4, wherein a plaintext of the unique identifier before the encipherment is notified along with the ciphertext unique identifier obtained by the encipherment with the second encipherment key to said card-type storage medium from said transaction apparatus, the ciphertext unique identifier from said card-type storage medium is deciphered with said second encipherment key in said card-type storage medium, a deciphered text unique identifier obtained by the decipherment is compared with the plaintext unique identifier from said transaction apparatus, and if these unique identifiers are in agreement a process is proceeded.
  - 6. A method for managing security of a card-type storage medium according to claim 5, wherein if the unique identifiers are found to be in disagreement as a result of the comparison in said card-type storage medium, an error is notified as a response to the access command from said transaction apparatus.
  - 7. A method for managing security of a card-type storage medium according to claim 1, wherein the unique identifier from said card-type storage medium is enciphered with a second encipherment key, the ciphertext unique identifier is then given to the access command from said transaction apparatus to said card-type storage medium, the ciphertext unique identifier given to the access command from said transaction apparatus is deciphered with said second encipherment key, and the deciphered text unique identifier is compared with the unique identifier generated for said transaction.
  - 8. A method for managing security of a card-type storage medium according to claim 7, wherein a plaintext of the unique identifier before the encipherment is notified along with the ciphertext unique identifier obtained by the encipherment with the second encipherment key to said card-type storage medium from said transaction apparatus, the ciphertext unique identifier from said card-type storage medium is deciphered with said second encipherment key in said card-type storage medium, a deciphered text unique identifier obtained by the decipherment is compared with the plaintext unique identifier from said transaction apparatus, and if these unique identifiers are in agreement a process is proceeded.
  - 9. A method for managing security of a card-type storage medium according to claim 8, wherein if the unique identifiers are found to be in disagreement as a result of the comparison in said card-type storage medium, an error is notified as a response to the access command from said transaction apparatus.
  - 10. A method for managing security of a card-type storage medium according to claim 2, wherein the unique identifier from said card-type storage medium is enciphered with a second encipherment key, the ciphertext unique identifier is then given to the access command from said transaction apparatus to said card-type storage medium, the ciphertext unique identifier given to the access command from said transaction apparatus is deciphered with said second encipherment key, and a deciphered text unique identifier is compared with the unique identifier generated for said transaction.
  - 11. A method for managing security of a card-type storage medium according to claim 10, wherein a plaintext of the unique identifier before the encipherment is notified along with the ciphertext unique identifier obtained by the encipherment with the second encipherment key to said card-type storage medium from said transaction apparatus, the ciphertext unique identifier from said card-type storage medium is deciphered with said second encipherment key in said card-type storage medium, a deciphered text unique identifier obtained by the decipherment is compared with the plaintext unique identifier from said transaction apparatus, and if these unique identifiers are in agreement a process is proceeded.
  - 12. A method for managing security of a card-type storage medium according to claim 11, wherein if the unique identifiers are found to be in disagreement as a result of the comparison in said card-type storage medium, an error is notified as a response to the access command from said transaction apparatus.
  - 13. A method for managing security of a card-type storage medium according to claim 1, wherein if the unique identifiers are found to be in disagreement as a result of the comparison in said card-type storage medium, an error is notified as a response to the access command from said transaction apparatus.

14. In a card-type storage medium having a storage unit having a data area keeping a data file therein and a directory area keeping control information about the data file in said data area therein and a control unit managing the data file in said data area in said storage unit on the basis of the control information in said directory area in said storage unit, the improvement comprising:
- said control unit comprising;
  
  a unique identifier generating means for generating a unique identifier for each transaction after a transaction has been started with an external apparatus by making a security check and after the data file that is an object of an access from said external apparatus has been determined;
  
  a unique identifier notifying means for notifying the unique identifier, generated for the transaction by said unique identifier generating means, to said external apparatus;
  
  a first comparing means for comparing a unique identifier given to an access command from said external apparatus with the unique identifier generated for the transaction by said unique identifier generating means; and
  
  a first judging means for determining that the access command from said external apparatus is for said transaction if the unique identifiers are in agreement as a result of comparison by said first comparing means and for performing a process according to the access command from said external apparatus.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. A card-type storage medium according to claim 14, wherein said control unit further comprising an enciphering means enciphering the unique identifier generated for said transaction by said unique identifier generating means with a first encipherment key, and said unique identifier notifying means notifies a ciphertext unique identifier obtained in encipherment by said enciphering means to said external apparatus.
  - 16. A card-type storage medium according to claim 15, wherein said unique identifier notifying means notifies the ciphertext unique identifier obtained in encipherment by said enciphering means along with a plaintext of the unique identifier before the encipherment to said external apparatus.
  - 17. A card-type storage medium according to claim 16, wherein said control unit still further comprising a deciphering means deciphering a ciphertext unique identifier with a second encipherment key if said ciphertext unique identifier obtained by encipherment with said second encipherment key is given to the access command from said external apparatus, and said first comparing means compares a deciphered text unique identifier obtained in decipherment by said deciphering means with the unique identifier generated for said transaction by said unique identifier generating means.
  - 18. A card-type storage medium according to claim 17, wherein said control unit still further comprising:
    - a second comparing means comparing the deciphered text unique identifier obtained in decipherment by said deciphering means with the plaintext unique identifier from said external apparatus if the plaintext unique identifier is given to the access command from said external apparatus along with the ciphertext unique identifier obtained by encipherment with said second encipherment key; and
      
      a second judging means judging that the access command from said external apparatus is rightful if these unique identifiers are found to be in agreement as a result of comparison by said second comparing means.
  - 19. A card-type storage medium according to claim 18, wherein said control unit still further comprising an error notifying means notifying an error as a response to the access command from said external apparatus if the unique identifiers are found to be in disagreement as a result of comparison by said second comparing means.
  - 20. A card-type storage medium according to claim 15, wherein said control unit still further comprising a deciphering means deciphering a ciphertext unique identifier with a second encipherment key if said ciphertext unique identifier obtained by encipherment with said second encipherment key is given to the access command from said external apparatus, and said first comparing means compares a deciphered text unique identifier obtained in decipherment by said deciphering means with the unique identifier generated for said transaction by said unique identifier generating means.
  - 21. A card-type storage medium according to claim 20, wherein said control unit still further comprising:
    - a second comparing means comparing the deciphered text unique identifier obtained in decipherment by said deciphering means with the plaintext unique identifier from said external apparatus if the plaintext unique identifier is given to the access command from said external apparatus along with the ciphertext unique identifier obtained by encipherment with said second encipherment key; and
      
      a second judging means judging that the access command from said external apparatus is rightful if these unique identifiers are found to be in agreement as a result of comparison by said second comparing means.
  - 22. A card-type storage medium according to claim 21, wherein said control unit still further comprising an error notifying means notifying an error as a response to the access command from said external apparatus if the unique identifiers are found to be in disagreement as a result of comparison by said second comparing means.
  - 23. A card-type storage medium according to claim 14, wherein said control unit still further comprising a deciphering means deciphering a ciphertext unique identifier with a second encipherment key if said ciphertext unique identifier obtained by encipherment with said second encipherment key is given to the access command from said external apparatus, and said first comparing means compares a deciphered text unique identifier obtained in decipherment by said deciphering means with the unique identifier generated for said transaction by said unique identifier generating means.
  - 24. A card-type storage medium according to claim 23, wherein said control unit still further comprising:
    - a second comparing means comparing the deciphered text unique identifier obtained in decipherment by said deciphering means with the plaintext unique identifier from said external apparatus if the plaintext unique identifier is given to the access command from said external apparatus along with the ciphertext unique identifier obtained by encipherment with said second encipherment key; and
      
      a second judging means judging that the access command from said external apparatus is rightful if these unique identifiers are found to be in agreement as a result of comparison by said second comparing means.
  - 25. A card-type storage medium according to claim 24, wherein said control unit still further comprising an error notifying means notifying an error as a response to the access command from said external apparatus if the unique identifiers are found to be in disagreement as a result of comparison by said second comparing means.
  - 26. A card-type storage medium according to claim 14, wherein said control unit still further comprising an error notifying means notifying an error as a response to the access command from said external apparatus if the unique identifiers are found to be in disagreement as a result of comparison by said first comparing means.

27. A transaction apparatus for a card-type storage medium which accesses said card-type storage medium having a storage unit keeping a data file therein to execute a transaction therewith, comprising:
- a notifying means for notifying said card-type storage medium of an access command which is given a unique identifier until an end of a transaction, notification being after the data file that is an object of the access in said card-type storage medium has been determined and said transaction apparatus has been informed of said unique identifier by said card type storage medium, said unique identifier generated for each transaction in said card-type storage medium; and
  
  a deciphering means deciphering a ciphertext of the unique identifier with a first encipherment key if the unique identifier from said card-type storage medium is enciphered with said first encipherment key.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. A transaction apparatus for a card-type storage medium according to claim 27, still further comprising:
    - a comparing means comparing a deciphered text of the unique identifier obtained in decipherment by said deciphering means with a plaintext of the unique identifier from said card-type storage medium if the plaintext unique identifier before the encipherment is notified from said card-type storage medium along with said ciphertext unique identifier; and
      
      a judging means judging that said card-type storage medium is rightful if these unique identifiers are in agreement as a result of comparison by said comparing means and proceeding an access process on said card-type storage medium.
  - 29. A transaction apparatus for a card-type storage medium according to claim 28 still further comprising a enciphering means enciphering the unique identifier from said card-type storage medium with a second encipherment key, and said notifying means giving a ciphertext of the unique identifier obtained in encipherment by said enciphering means to the access command and notifying it to said card-type storage medium.
  - 30. A transaction apparatus for a card-type storage medium according to claim 29 wherein said notifying means notifying the plaintext unique identifier before the encipherment along with the ciphertext unique identifier obtained in encipherment by said enciphering means to said card-type storage medium.
  - 31. A transaction apparatus for a card-type storage medium according to claim 27 still further comprising a enciphering means enciphering the unique identifier from said card-type storage medium with a second encipherment key, and said notifying means giving a ciphertext of the unique identifier obtained in encipherment by said enciphering means to the access command and notifying it to said card-type storage medium.
  - 32. A transaction apparatus for a card-type storage medium according to claim 31 wherein said notifying means notifying the plaintext unique identifier before the encipherment along with the ciphertext unique identifier obtained in encipherment by said enciphering means to said card-type storage medium.

33. A transaction apparatus for a card-type storage medium which accesses said card-type storage medium having a storage unit keeping a data file therein to execute a transaction therewith, comprising:
- a notifying means for notifying said card-type storage medium of an access command which is given a unique identifier until an end of a transaction, notification being after the data file that is an object of the access in said card-type storage medium has been determined and said transaction apparatus has been informed of said unique identifier by said card type storage medium, said unique identifier generated for each transaction in said card-type storage medium; and
  
  an enciphering means for enciphering the unique identifier from said card-type storage medium with an encipherment key, and said notifying means giving a ciphertext of the unique identifier obtained in encipherment by said enciphering means to the access command and notifying it to said card-type storage medium.
- View Dependent Claims (34)
- - 34. A transaction apparatus for a card-type storage medium according to claim 33 wherein said notifying means notifying the plaintext unique identifier before the encipherment along with the ciphertext unique identifier obtained in encipherment by said enciphering means to said card-type storage medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Tanaka, Hiroshi
Primary Examiner(s)
LE, DIEU MINH T

Application Number

US08/740,554
Time in Patent Office

1,161 Days
Field of Search

395/186, 395/187.01, 395/188.01, 395/241, 380/4, 380/23, 380/24, 380/25, 340/825.31, 340/825.32, 340/825.34, 713/200, 713/201, 713/202
US Class Current

726/20
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/35765   Access rights to memory zones

G06Q 20/367   involving electronic purses...

G07F 7/082   Features insuring the integ...

G07F 7/1008   Active credit-cards provide...

Method for managing security for card-type storage medium and a transaction apparatus therefor

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Method for managing security for card-type storage medium and a transaction apparatus therefor

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links